Reviewed October 2022.
The Bosworth Clinic is required to process personal data relating to staff, healthcare professionals, patients and suppliers as part of its business operations – and takes all reasonable steps to do so in accordance with this policy.
The address and contact details of the Data Controller and Data Officer are set out at the end of this privacy notice.
What Information We Collect
Personal identifiable information is collected to enable us to provide our service to you. Personal information may include name, date of birth, address, contact numbers, email address, enquiry source, insurance details and medical information. This information may be collected in person, by letter, by email, by phone, by our website or upon completing a new patient registration form. When an individual discloses personal information about themselves verbally, in writing or electronically, they consent to our use of the information for our services.
Personal data is collected from our website only if provided to us via the user and therefore has been provided by you with your consent. Instances include completing the online enquiry form and/or e-newsletter sign-up form.
We use Google Analytics to analyse and monitor visits to our website, including but not limited to traffic data, location data and communication data. This information is used to create reports about use of our website, stored by Google. Please note this data will not identify you personally.
Why We Process Personal Data
The personal data we collect, process and store are required for us to provide healthcare services to the public, and as such is required to comply with legal HCPC (Health Care Professional Council) and CSP (Chartered Society of Physiotherapy) regulations for the documentation of medical records.
Our legal basis for the collection, processing and storage of personal data are:
The conditions for processing special category data is for reasons of public interest – necessary for the provision of healthcare.
Where We Store Your Data
We store all personal data on IT systems, backed up securely off-site with appropriate technical and organisational security measures in place. All computers and IT systems are protected by password and anti-virus software.
Who Has Access to Data
We only share information with third parties at your request or where required by law.
Your personal data may be shared internally across our team for the management and treatment of your care. This may include administration staff, physiotherapists and other healthcare professionals.
How We Protect Your Data
We take the security of your data seriously and have internal policies, strict controls and security features in place to protect data and help prevent any unauthorised access.
The transmission of information via the internet and email is not completely secure and we cannot guarantee the security of data whilst you are transmitting it via our website or by email, and such transmission is at your own risk.
How Long We Keep Your Data
The standard retention period for medical records is 8 years, as per the CSP guidelines.
GDPR gives the right to be informed, right to access, right to rectification and right to erasure about any information held about you by The Bosworth Clinic. Please contact us in writing if you wish to request confirmation or details of what personal data we hold relating to you. There is no charge for requesting this information. You can write to us at the address detailed below, or email email@example.com
Address and Contact Details of Data Controller
The Bosworth Clinic
Telephone: 01865 881334
Data Protection Officer
Tillie Snell; Practice Manager